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DETAILED ACTION 

Applicant amends claims 1 , 4, 9, 11 & 1 8 and adds claim 21 . 
Claims 1-21 are presented for examination. 

Response to Arguments 

Applicant's arguments with respect to claims 1-21 have been considered but are 
moot in view of the new grounds of rejection. The Examiner clarifies the Office's 
position. 

In reviewing the disclosure of the invention the meaning of "asset" is defined on 
pages 8-9: "In the mobile device 30, assets or resources include the wireless 
transceiver 48, Ul 46, interface/connector 50, processor 40, and any of the stores or 
information in the memory 32." "In order to provide multiple-stakeholder secure control 
of the mobile device 30, assets maybe assigned to domains, as shown in the stores in 
the memory 32. The key store 31 includes cryptographic keys for domains B and C." 
(specifically, these excerpts can be found in the Patent Grant Publication of this 
application, U.S. Pat Pub 2005/0213763 A1, 1|28-1|29, respectively). 

Therefore, Applicant's "asset" may be interpreted as comprising, at least, a key 
store / escrow which further comprises a key. 

Figure 2, particularly the component elements of element 32 and on page 12 of 
Applicant's disclosure states "The mobile device 30 (FIG 2) implies a segregation of the 
various stores in the memory 32 into different domain storage areas." (see also 1|39). 
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Therefore, Applicant's "domain" may be interpreted as comprising, at least, a 
memory or storage area which comprises one or more "assets." 

Ergo, in applying art to the claimed invention, the Examiner has provided plain 
meaning "consistent" with the definitions provided by the disclosure of the invention {in 
reZletz, 893 F.2d319, 321, 13USPQ2d 1320, 1322 (Fed. Cir. 1989)) (MPEP 21 11.01 
[R-5]) and interpreted the claims as broadly as their terms reasonably allow {In re 
American Academy of Science Tect) Center, 367 F.3d 1359, 1369, 70 USPQ2d 1827, 
1834 (Fed. Cir. 2004)). 

1 . In light of the amendments to the claims, the Examiner withdraws the rejections 
under 35U.S.C. 112. 

The fact that the Examiner may not have specifically responded to any particular 
arguments made by Applicant and Applicant's Representative, should not be construed 
as indicating Examiner's agreement therewith. 

Claim Rejections - 35 USC § 103 
The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 

(a) A patent may not be obtained though the invention is not identically disclosed or described as set 

forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
the phor art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 
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2. Claims 1-21 are rejected under 35 U.S.C. 103(a) as being unpatentable over 
Audebert et a! (U.S. Pat Pub 2003/0005317 A1), hereinafter referred to as Audebert, in 
view of Paatero (U.S. Pat Pub 2003/0163685 A1), hereinafter referred to as Paatero. 

Re claim 1 : Audebert teaches a plurality of domains [Fig 1, elts 45, 50, 55 & 60] 
residing on a wireless mobile communication device [Fig 1] (111-112; 1[32), at least one 
domain including a plurality of different types of assets [Fig 1 , elts 5, 1 0, 1 5, 20, 40 & 
95] of the wireless mobile communication device (1[32). 

While Audebert discloses different types of assets (Fig 1 , elts 5, 10, 15, 20, 40 & 
95), Audebert does not expressly disclose the different types of assets within a domain 
requiring a common level of trust to access; and a domain controller, on the mobile 
device, for controlling access to the different types of assets that require a common 
level of trust to access within a domain configured to receive a request to perform an 
operation affecting at least one of the assets. 

Yet, in an analogous art, Paatero teaches disclose the different assets [Fig 1 , elt 
16': ] within a domain [Fig 1, elt 16] requiring a common level of trust to access (1[16; 
1[22; 1[27); and a domain controller (Fig 1 , elt 14), on the mobile device (Fig 1 , elt 10: 
1[20, lines 1-2), for controlling access to the different assets that require a common level 
of trust to access within a domain configured to receive a request to perform an 
operation affecting at least one of the assets (Fig 2, elts 36 & 42: 1[31-1[32). 

Paatero further teaches: determine whether the request originated with an entity 
that has a trust relationship with the domain that includes the at least one affected asset 
(Fig 2, elts 36 & 42: 1[31-1[33), and to permit completion of the operation if the request 
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originated with an entity that has a trust relationship with the domain that includes the at 
least one affected asset; wherein completion of the operation is not permitted if the 
request originated with an entity that does not have a trust relationship with the domain 
that includes the at least one affected asset (Fig 2, elts 36 & 42: 1|34-1f35). 

It would have been obvious to one of ordinary skill in the art at the time the 
invention was made to have modified the teachings of Audebert with the teachings of 
Paatero, for the purpose of protecting site specific credentials on a portable device after 
the serving device has been authenticated to prevent tampering or misdirection via 
unsecured servers. 

Re claim 1 1 : Claim 11 is rejected under similar grounds as those stated in claim 
1 . Claim 1 1 incorporates all the limitations provided in claim 1 . 

Re claim 2 : The combination of Audebert and Paatero teaches a key store [Fig 1 : 
see Private and Public keys associated with the plurality of domains] for storing 
cryptographic keys associated with the domain [Audebert: Fig 1 , elts 45, 50, 55 & 60; 
Paatero: Fig 1 , elt 16'] that includes the at least one affected asset (Audebert: 1[32; 
Paatero: Fig 1, elt 16'), wherein the domain controller is configured to determine 
whether the request originated with an entity that has a trust relationship with the 
domain using the cryptographic keys (Paatero: Fig 2, elts 36, 38, 40, 42, 44 & 46: HSI- 
1132). 

Re claims 3. 12 and 13 : The combination of Audebert and Paatero teaches the 
domain controller is configured to determine whether the request originated with the 
entity that has a trust relationship with the domain that includes the at least one affected 
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asset by determining whether the domain that includes the at least one affected asset 
also includes the entity (Paatero: Fig 2, elts 36, 38, 40, 42, 44 & 46: 1131 -1132). 

Re claim 4 : The combination of Audebert and Paatero teaches at least one 
domain further includes as an asset a software application for which the domain 
controller permits completion of the operation upon the software application (Paatero: 
Fig 2, elts 36, 38, 40, 42, 44 & 46: pi-P2) if the request originated with an entity that 
has a trust relationship with the at least one domain that includes as an asset the 
software application; wherein completion of the operation is not permitted if the request 
originated with an entity that does not have a trust relationship with the at least one 
domain that includes the software application as an asset (Paatero: Fig 2, elts 36 & 42: 
1134-1135). 

Re claim 5 : The combination of Audebert and Paatero teaches at least one of the 
domains comprises a plurality of domains, and wherein the wireless mobile 
communication device further comprises a super user software application that has a 
trust relationship with more than one of the plurality of domains (Paatero: 1|23; 1127, lines 
16-20). 

Re claim 6 : The combination of Audebert and Paatero teaches each of the more 
than one of the plurality of domains includes the super user software application 
(Paatero: 1[23; 1127, lines 16-20; 1|37). 

Re claims 7 and 15 : The combination of Audebert and Paatero teaches the 
domain controller is further configured to receive information, and to place the 
information into a domain (Audebert: 1|4). 
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Re claim 8 : Tine combination of Audebert and Paatero teaclies tlie at least one 
asset is selected from the group consisting of: communication pipes, persistent data, 
properties, and software applications (Audebert: 1|2; 1|10). 

Re claims 9 and 18 : The combination of Audebert and Paatero teaches a data 
store for storing properties, wherein the domain controller is further configured to 
determine whether the operation is permitted by properties in the data store, and to 
permit completion of the operation where the operation is permitted by the properties in 
the data store; wherein completion of the operation is not permitted if the operation is 
not permitted by the properties in the data store (Paatero: Fig 2, elts 36 & 42: 1|34-1|35). 

Re claim 10 : The combination of Audebert and Paatero teaches each property is 
global, domain-specific, or specific to a particular software application on the wireless 
mobile communication device (Audebert: 1|2-1|3; Paatero: Fig 2, elts 36 & 42: 1|34-1|35). 

Re claim 14 : The combination of Audebert and Paatero teaches the request 
originates from a software application and wherein the step of determining whether the 
request originated with an entity that has a trust relationship with the domain that 
includes the at least one affected asset comprises the step of verifying a digital 
signature of the software application using a cryptographic key associated with the 
domain (Paatero: Fig 2, elts 34, 36, 38, 42 & 44: 1I34-1I35). 

Re claim 16 : The combination of Audebert and Paatero teaches the step of 
associating comprises the step of determining with which domains the information is to 
be associated in accordance with domain policies (Paatero: Fig 2, elt 42; 1|32; 1|34). 
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Re claim 17 : The combination of Audebert and Paatero teaches the domain 
policies specify that information is to be associated with domains based on one or more 
of: a source of the information, an indicator of a domain in the information, a 
communication pipe over which the information is received, a digital signature of the 
information, an access list describing allowed domain information, and an input from a 
user of the wireless mobile communication device (Paatero: Fig 2, elts 34, 36, 38, 42 & 
44: 1134-1135). 

Re claim 19 : The combination of Audebert and Paatero teaches the step of 
determining whether the operation is permitted by properties stored at the wireless 
mobile communication device comprises the step of checking global properties for the 
wireless mobile communication device and domain properties for the domain that 
includes the at least one affected asset (Audebert: 1|33; 1|35; Paatero: Fig 2, elts 36 & 
42). 

Re claim 20 : The combination of Audebert and Paatero teaches the request 
originates from a software application, and wherein the step of determining whether the 
operation is permitted by properties stored at the wireless mobile communication device 
further comprises the step of checking application properties for the software application 
(Paatero: Fig 1, elt 10; PO; Fig 2, elts 36 & 42). 

Re claim 21 : The combination of Audebert and Paatero teaches wherein one 
domain includes at least two different assets selected from the group of assets 
consisting of: communication pipes, persistent data, properties, and software 
applications (Audebert: Fig 1; 1|2; HIO; Paatero: Fig 1, elts 16 & 16'). 
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Conclusion 

Examiner's Note: Examiner lias cited particular columns and line numbers in the 
references applied to the claims above for the convenience of the applicant. Although 
the specified citations are representative of the teachings of the art and are applied to 
specific limitations within the individual claim, other passages and figures may apply as 
well. It is respectfully requested from the applicant in preparing responses to fully 
consider the references in entirety as potentially teaching all or part of the claimed 
invention, as well as the text of the passage taught by the prior art or disclosed by the 
examiner. 

In the case of amending the claimed invention. Applicant is respectfully 
requested to indicate the portion(s) of the specification which dictate(s) the structure 
relied on for proper interpretation and also to verify and ascertain the metes and bounds 
of the claimed invention. 

Applicant's amendment necessitated the new ground(s) of rejection presented in 
this Office action. Accordingly, THIS ACTION IS MADE FINAL. See MPEP 
§ 706.07(a). Applicant is reminded of the extension of time policy as set forth in 37 

CFR 1.136(a). 

A shortened statutory period for reply to this final action is set to expire THREE 
MONTHS from the mailing date of this action. In the event a first reply is filed within 
TWO MONTHS of the mailing date of this final action and the advisory action is not 
mailed until after the end of the THREE-MONTH shortened statutory period, then the 
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shortened statutory period will expire on the date the advisory action is mailed, and any 
extension fee pursuant to 37 CFR 1 .136(a) will be calculated from the mailing date of 
the advisory action. In no event, however, will the statutory period for reply expire later 
than SIX MONTHS from the date of this final action. 

Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to DARREN SCHWARTZ whose telephone number Is 
(571)270-3850. The examiner can normally be reached on 7am-4pm. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 

supervisor, Kim Vu can be reached on (571)272-3859. The fax phone number for the 

organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application may be obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications may be obtained from either Private PAIR or Public PAIR. 
Status Information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://palr-dlrect.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated information 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 



ID. S./ 

Examiner, Art Unit 2435 
/KImyen Vu/ 

Supervisory Patent Examiner, Art Unit 2435 



